The latest IPFire release uses curl 8.2.1, which contains a high-severity heap buffer overflow vulnerability (CVE-2023-38545) in SOCKS5 proxy handling.
The bug can lead to unauthorized memory access, posing a potential security risk. It is triggered when using SOCKS5 proxies configured for remote hostname resolution.
Be aware of this vulnerability, if you use SOCKS5 proxies be careful to use the local Unbound for name resolving, at least until a patched version will be available in future versions of IPFire. If I understand the advisory correctly, the vulnerability occurs ONLY when curl is asked to let the SOCKS5 proxy resolve the hostname.